AFS Roleplay Bug Bounty Program

AFS Roleplay has begun issuing rewards for a certain species of bug. Do you know of a bug on AFS that affects the security of AFS or the privacy of members of AFS? Maybe you've found an exploit that allows you unrestricted access to our profiling system? Whatever it may be, we want to fix it, and reward you.

How do we handle bug reports?

  • AFS Roleplay promises not to take legal action based on the bug report, so long as the report is within the confines of the below conditions.
  • Vulnerabilities affecting the privacy of AFS Roleplay Members will be responded to within 24 hours, and we will provide you a detailed report as to how we fixed it.
  • Vulnerabilities affecting the security of AFS Roleplay systems may not be responded to, and we will not provide details as to how it was fixed.
  • Depending on the severity of the bug, you may be rewarded up to $100* store credit.**

* Severity is based off of the maximum reward turnout. You may recieve a severity reward of anywhere between 1.00($100), and 0.00($0).

** We reserve the right to deny payment, or pay you via other methods, such as paypal, or in-game rewards.

Bounty Rules

  • Do not intentionally attempt to gain information of other users. You may only attempt to gain your own information. If you find someone elses information you are NOT allowed to save it.
  • Do not perform any actions that could harm the reliability or integrity of AFS Roleplay. Some examples of harmful activities that are not permitted under this bounty include: brute forcing, denial of service (DoS), spamming, timing attacks, etc. These types of attacks will result in a Network level ban.
  • You are not allowed to publicly disclose any information about the bug. We will disclose information publicly once it has been resolved if(and only if) it affects the privacy of Members of AFS Roleplay
  • The use of scanners, automated tools, network sniffers, etc. is not allowed.

* Notice: The use of in-game resources, used outside the in-game context are permanently bannable offences and are not permitted under this bounty program.

How to submit

Submissions should be sent to Luna Alfien#9264 via discord, via private, Direct Messages ONLY.

Terms of Submission: This bug bounty has been put together with the help of Lunar Network. Lunar Network reserves the right to reject any report for any reason. Lunar Network reserves the right to edit this document at any time, at which point the new version will be immediately enforced on all past, present, and future bug reports. Questions and concerns about this bounty can not be directed to Lunar Network Support. By submitting a report, you automatically agree to these terms.